Know Your Customer (KYC), which can also be called Know Your Client, is mandatory for banks, money service providers, and cryptocurrency exchanges. KYC allows for a crypto exchange or money service provider (MSP) to identify risk levels of new customers and protect against fraud, theft, and otherwise suspicious or illicit activity. Both traditional stock exchanges such as the Dow Jones and nontraditional money exchanges such as in the crypto space are required to engage in Ongoing Monitoring of their customers. 

Risk Profiles (which are identified at the onset of a customer’s relationship with the bank or exchange) are monitored and updated at varying points in a customer’s relationship with the institution (one year, three years, or every time a significant transaction is completed). According to Dow Jones, “[c]ustomer profiles will change over time and firms must conduct ongoing monitoring of their business relationships to ensure risk profiles haven’t changed in a way that would expose the firm to non-compliance and reputational damage.” Know Your Customer (KYC) is standard practice for any compliance program and necessary to ensure clients are who they say they are.  

What is Blockchain?

Blockchain is a distributed ledger framework that cryptographically stores data on an open or private network. Blockchain is a technology that aims to transform the backend systems that most businesses run on. It aims to become a lower cost, more efficient way to share information and data between open and private networks.

Blockchain is useful as a tool in new Anti-money laundering solutions for fraud and risk departments across financial institutions. This is because the data that is stored on the framework is immutable. Within a blockchain system, data entries cannot be edited or modified.. Instead, they can only be appended after entering the system. This is particularly useful in AML transaction monitoring because it prevents criminals from trying to mask their transactions to prevent detection. The transactions will always be on the blockchain, no matter what a criminal does to attempt to modify them.

This will help banks save money in the long run. For example, Deutsche bank recently was fined over $700 million in 2017 because of accusations that it helped launder money out of Russia. Earlier this month, USB was fined over $5 billion by French regulators for money laundering and tax evasion. With blockchain technology in place, it would be more difficult for associates to evade the AML process and cause damage to a financial institution’s overall reputation.

An Anti-money laundering solution built on the blockchain could leverage the inherent qualities of the blockchain in order to identify and prevent illicit transactions. If the software used to monitor transactions is an AI with machine learning functionality, it could effectively run through strings of data to determine if money laundering activity is occurring. The reason this would work is because AI will be able to detect patterns in large volumes of data while adapting to changes in criminal activity over time with its machine learning capabilities.

Blockchain for AML Compliance

These tools would automate the transaction monitoring process and make it much more efficient and effective than current processes are today. Plus, if suspicious activity is detected, it could be highlighted, flagged and stopped for further investigation. All this activity would be immutably stored on the blockchain as well.

$1.4bn Stolen by Cyber Criminals as the Cryptocurrency Industry Faces New Round of Compliance/AML Failures

Major cryptocurrency exchanges are on the alert as 2020 brought another round of hacks, thefts, and decimating losses. Despite more stringent regulations being adopted across the European Union (EU), billions of dollars are being lost due to banks and exchanges failing to implement these new compliance hurdles.

EU Enforces Compliance as Fifth Anti-money laundering Directive Shakes Industry

As the EU’s Fifth Anti-money Laundering directive came into force on January 10, 2020, organizations operating in the crypto space are being challenged to update their compliance programs. Most notably, Bitcoin.com notes that the EU law will, “oblige digital asset exchanges as well as providers of crypto payment and custodian services to apply for licenses from the Federal Financial Supervisory Authority (Bafin).”   

The Fifth Directive states, “Recent terrorist attacks have brought to light emerging new trends, in particular regarding the way terrorist groups finance and conduct their operations. Certain modern technology services are becoming increasingly popular as alternative financial systems, whereas they remain outside the scope of Union law or benefit from exemptions from legal requirements, which might no longer be justified.” 

Major Risks For Non-Compliant Organizations Operating in the Crypto Space 

Risks Surrounding Client Anonymity: The Fifth Anti-money Laundering Directive’s 9th section points out that, “anonymity of virtual currencies allows their potential misuse for criminal purposes. The inclusion of providers engaged in exchange services between virtual currencies and fiat currencies and custodian wallet providers will not entirely address the issue of anonymity attached to virtual currency transactions, as a large part of the virtual currency environment will remain anonymous because users can also transact without such providers.” It goes on to note that in order to combat this loophole, “national Financial Intelligence Units (FIUs) should be able to obtain information allowing them to associate virtual currency addresses to the identity of the owner of virtual currency.” In the United States, financial institutions are required to identify and report suspicious activity reports (SAPs|. 

The Fifth Directive also discusses the idea of self-declaration and that FIUs, “should be able to obtain information allowing them to associate virtual currency addresses to the identity of the owner of virtual currency.” Despite growing regulations, there still exist major challenges which have led to billions in scams, ponzi schemes, digital currency theft and extortion. 

PlusToken, WuToken, & KuCoin Just To Name a Few Highlight Need For KYC in Crypto Space

Boxmining, a leading technology and fintech asset media property and FinTech trends outlet states, “Plus Token” was a cryptocurrency Ponzi scheme disguised as a high-yield investment program. Platform administrators closed down the operation in June of 2019. Fraudsters abandoned the scheme by withdrawing over $3 Billion dollars in Cryptocurrencies (Bitcoin, Ethereum, and EOS) and leaving the message “sorry we have run“. This has led to an international manhunt for the platform administrators and creators of Plus Token. Plus token has been blamed for causing Bitcoin prices to fall in 2019 as stolen funds were sold via Bitcoin OTCs.” The need for proper KYC and transaction monitoring is especially apparent in the case of PlusToken. 

WuToken Hack: $281M Gone In An Instant

Cryptocurrency exchange KuCoin was instantly decimated with losses of over $281M in 2020. COO Insights reports that, “[o]n September 26, cryptocurrency exchange KuCoin issued a statement that it experienced a ‘security incident’. At that point, some USD 150 million in BTC (bitcoin), ERC-20 (ethereum-based tokens), and other cryptocurrencies were estimated to be stolen. 

Over the next couple of days, that amount had grown to USD 280 million, effectively making the KuCoin hack the third-largest crypto hack. Only Coincheck, which suffered a USD 534.8 million hack in 2018, and Mt. Gox, which lost USD 460 million in 2014 to another hack, were ahead in terms of loss.” 

Hacks and Ponzi schemes like these are rampant but organizations that build strong compliance programs, including AML risk profiling and KYC and Extended Due Diligence (EDD) processes will face a much less risky foray into the crypto space. 

About IDMERIT

Headquartered in San Diego, California, IDMERIT provides an ecosystem of identity verification solutions designed to help its customers prevent fraud, meet regulatory compliance and deliver frictionless user experiences. The company is committed to the on-going development and delivery of offerings that are more cost-effective and comprehensive than other solution providers. IDMERIT was funded by experts who have been sourcing data on personal and business identities across the globe for over a decade. This access to official and trusted data throughout the world has become increasingly important as companies find themselves completing transactions across borders as a standard course of business. www.idmerit.com

The post Theft, Ponzi Schemes, & KYC Challenges Rampant in the Crypto Space appeared first on IDMERIT.

While identity theft is commonly associated with financial fraud, it is becoming a regular occurrence in the medical/healthcare sector. The 2017 Annual Data Breach Year-End Review by the Identity Theft Resource Center reports that the medical sector ranks second with 374 breaches (23.7 percent of overall total) out of 1579 reported cases of data breaches.

Key takeaways from the survey:

• 79% of respondents expect healthcare providers to be proactive in preventing and detecting medical identity theft.
• 48% of respondents would consider changing healthcare providers if their medical records were lost or stolen.
• Only 37% of respondents say their healthcare providers have informed them about the measures they take to protect medical records.

Personal identity information like: DOB, Social Security Numbers are commodities that can be hacked, used to falsify insurance claims or to fraudulently acquire government benefits such as Medicaid or Medicare. In fact, identification data is sold on the dark web for as little as 15 cents per lead where it can be used to create entirely new medical identities. Only in rare cases are medical identity victims informed by the healthcare provider or the insurance company about suspicious or fraudulent activity on their account.

Becoming aware of Medical Identity Theft

In the United States alone, medical identity theft is costing the healthcare industry $80 billion to $230 billion, annually. According to these estimates, healthcare organizations which suffer from data breaches are subject to costs that average $2 million over two years. Therefore, it is imperative to become as impenetrable as the financial services industry.

Your business’s security protocols must keep up with the latest methods of cybercriminals use to perpetuate fraud. To reduce risk of medical identity theft, you should help healthcare consumers gain more control over their medical records. Ultimately, however healthcare providers and or organizations are responsible for informing consumers about the devastating effects of medical identity theft.

Healthcare providers, insurance providers and the governments must improve their identity authentication methods to curb the rise of medical identity theft. Following are the recommendations for healthcare organizations on how to protect against medical identity theft:

1. Educate Healthcare Consumers on Medical Identity Theft

One method fraudsters use to gain personally identifiable information like date of birth and Social Security numbers is through data breaches. This makes the data much more valuable, making it far easier for criminals to sell on the dark web.

Even when proper precautions are taken, identifiable information can still be stolen. Senior citizens are at highest risk because – 1.) They live independently or in a community, which is not enough to prevent social isolation, 2.) Due to health issues senior citizens require frequent hospital or doctor’s visits increasing the risk twofold 3.) They have a higher credit scores, making it easier to assess large amounts of credit, and 4.) On an average, senior citizens have over 24 times the amount of assets of younger people, making them more attractive to criminals.

Healthcare consumers need to be made aware of the risks they take by viewing billing statements, test results, appointments, etc. online on an unsecured device. Educate healthcare consumers, especially senior citizens, on the proper protocols for protecting their PC from data breaches. Encourage consumers to request a copy of their medical records to make it easier to immediately detect suspicious new entries.

2. Train Staff on Fraud

Not only should patients be educated but medical staff should be trained on medical identity theft. New hires should be given extensive training, and senior employees should be updated frequently on the latest technology identity thieves use to target hospitals and insurance companies.

3. Authenticate Patient Identity

IDMERIT’s healthcare solutions provide advanced protection from healthcare fraud and identity abuse. With our platform, you will be able to securely verify and confirm healthcare information – It’s quick and easy. We are constantly updating our data in real time, so your organization will always be compliant with relevant regulatory standards and we hold ourselves to the highest ethical standards. The result is a much higher level of patient and provider trust. Contact us today and let’s build a fraud free world for future generations.

IDMERIT’s identity verification platform instantly performs these functions:

• Name and ID Verification
• Address Verification
• Age Verification
• Fraud detection

About IDMERIT

IDMERIT is a global consumer and business verification portal. We help customers across industries and government sectors predict, assess, and manage risks by combining next-generation risk management and anti-fraud services. Our warehouse of unique data and advanced analytics tools addresses evolving client needs. We can help your company automate decision making while upholding the highest standards of security and privacy.

We work closely with world-class niche organizations and Fortune 500 companies offering data warehousing and validity of contact data solutions to ensure they are compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH) Act, Clinical Laboratory Improvement Amendments (CLIA) of 1988. Our company powers the global identity ecosystem for customers.

For more information on IDMERIT’s identity verification services, you can drop us a line through the Contact Us page or call us at (888)-378-9283.

The post Medical Identity Theft is the Second Most Common Identity Theft appeared first on IDMERIT.